Hertz is a leading vehicle rental company operating globally. They are seeking a Cloud Security Engineer to design, build, and operate cloud-native network security controls that protect enterprise workloads across various cloud environments.
Responsibilities:
- Design and implement cloud-native network security architectures across AWS and OCI, including VPC/VCN segmentation, private connectivity, and identity-aware access patterns
- Engineer and operate next-generation firewall platforms (Palo Alto, Check Point, Fortinet, Cisco) and cloud firewalls (AWS Network Firewall, OCI Network Firewall, Security Groups, NACLs)
- Develop and maintain scalable firewall and network security policies, including segmentation, micro-segmentation, NAT, VPNs, and egress/ingress controls across hybrid environments
- Automate security guardrails and firewall operations using Terraform, CloudFormation, Ansible, Python, PowerShell, Bash, or API-driven workflows
- Integrate network security controls with cloud and hybrid infrastructure, including Transit Gateway, Direct Connect, OCI FastConnect, Cloud WAN, load balancers, DNS, and service-to-service communication patterns
- Support secure connectivity for distributed on-prem devices and mobile endpoints, including VPN clients, mobile access gateways, ZTNA/SASE integrations, and secure remote access for laptops, tablets, and smartphones
- Monitor and enhance network security posture using cloud-native logging, monitoring, and detection tools (CloudWatch, OCI Logging/Monitoring, Panorama, FortiManager, SIEM platforms)
- Participate in incident response for cloud and network security events, including triage, containment, and root cause analysis
- Collaborate with cloud, platform, and application teams to embed secure-by-default patterns into architectures and CI/CD workflows
- Contribute to resilience and disaster recovery strategies for network and firewall infrastructure
Requirements:
- Bachelor's degree in Cybersecurity, Computer Science, IT, or related field
- Background supporting large-scale, regulated, or globally distributed environments
- Strong understanding of cloud networking and security across AWS and OCI
- Hands-on experience with next-generation firewalls (Palo Alto, Fortinet, Check Point, Cisco)
- Deep knowledge of network and security protocols (TCP/IP, DNS, DHCP, IPsec, SSL/TLS, routing)
- Experience with cloud-native monitoring and logging (CloudWatch, OCI Observability, Panorama, FortiManager, SIEM)
- Solid understanding of Zero Trust, segmentation, and least-privilege access models
- Experience supporting distributed on-prem devices and mobile connectivity, including VPN clients, ZTNA/SASE, and secure remote access
- Familiarity with compliance frameworks (PCI DSS, SOX, ISO 27001, NIST 800-53/CSF, HIPAA)
- Strong analytical and troubleshooting skills across hybrid cloud and on-prem environments
- Excellent communication and collaboration skills
- Ability to collaborate with internal and external stakeholders across multiple functions and locations
- Flexible and adaptable; ability to work effectively in ambiguous situations
- Excellent verbal and written communication skills
- Results-driven, with the ability to make decisions and help solve problems
- Ability to work under minimal supervision with a goal-oriented mindset
- Ability to see the big picture and leverage critical thinking and decision-making skills
- Excellent organization, time management and prioritization skills
- Certifications such as PCNSE, Fortinet NSE 4/5/7, CCNP/CCIE Security, AWS Security Specialty, OCI Security Professional
- Experience with DevSecOps practices, CI/CD-driven security automation, or platform engineering
- Proficiency with infrastructure-as-code and automation (Terraform preferred; CloudFormation, Ansible, Python, PowerShell, Bash)